The convergence of IT and OT Security is one of the key trends in the modern digital industry. This process can provide a qualitatively new level of technology integration of the functional properties of systems of different classes and a significant expansion of the range of IT infrastructure.
Moreover, it is this trend that leads to the emergence of the most promising and useful products for the user and even to the formation of new market niches. For example, any “cloud” service is a converged service that combines classic telecom technologies (Internet access, network infrastructure, billing, etc.) and IT (implementation of application functionality on the server, data center technologies supporting the service, Internet protocols, etc.).
In general, converged solutions mean optimized technological complexes that contain everything necessary to solve certain tasks of the organization or are configured for efficient use of IT resources or to simplify the processes of system implementation. One of the results of converged solutions can be considered the widespread use of VPN services by large companies (follow the link to read the NordVPN review to check how the popularity of VPN has grown in the business environment in recent years).
The benefits of a merger of IT and OT Security.
The new type of access management includes one security policy, one access tool, and one audit log. In some organizations, user management is already fully integrated, that is, using a single corporate policy that defines the allowed access and use of resources, a single administrator archive, and a single logging tool to simplify reporting and auditing.
Such a solution allows enterprises to:
– Convenience: Replaces one-time Password Tokens (OTP) or key identification keychains, eliminating the need to carry multiple devices or reprogram OTP to gain access to all necessary physical or IT resources;
– Security: provides strong authentication across the entire IT infrastructure of key systems and applications (not just around the perimeter), and even at the door level;
– Cost Reduction: Eliminates the need to invest in multiple access solutions by centralizing management and consolidating tasks into a single set of administration and support processes for the release, replacement, and recall of access tools.
What about modern mobile security?
As you know, users are becoming more mobile and more often use their own devices (BYOD) to access the resources they need in the organization’s environment, more than 7 billion new wireless devices, which brings us closer to the figure of one mobile device per person on the planet.
Organizations are trying to support this kind of mobile access, while also considering ways to take advantage of users ‘ mobile devices as platforms for physical and logical access. At the same time, there are always pilot projects, such as the Arizona State University project, which confirmed the reality of the concept of using a mobile phone as a base for a means of physical access.
An effective mobile access control model allows you to support any type of access control data on your smartphone, including access control data, cashless payment, biometric verification, PC access, and many other tasks. The authentication tool is stored on the security element of the mobile device, and the cloud-based authentication model eliminates the risk of copying the access tool, while making it easier to provide a temporary access tool, cancel lost or stolen cards, and, if necessary, control and modify security settings.
Users get the opportunity to carry a number of access control cards, as well as an OTP token to log in to a computer system, on their phone, with which they can authenticate on the network by simply touching them to a personal tablet.
The combination of mobile tokens on the phone with one-time registration capabilities in cloud applications allows you to combine classic two-factor authentication with optimized access to various cloud applications on a single device that users rarely forget or lose. Besides, the same phone can be used for opening doors and a variety of other applications.
Mobility has an ongoing impact on convergence, encouraging physical and IT security teams to collaborate on the development of a new solution. The result can be a solution for simple and efficient management of PACS cards and IT access cards on phones while maintaining the same level of security inherent in the cards.
Current results of the convergence of IT and OT Security.
As the most successful solutions in the field of combining IT and OT Security, we can name:
– The term SoLoMo: a fusion of social media, geographic information services (related to the consumer’s location), and mobile devices and technologies.
– Business applications with integrated telephony features-communication with customers and partners are based on the easily accessible capabilities of the business application. An example of such a solution is Microsoft Dynamics, Sales Creatio, Pipedrive, and other popular ERP and CRM systems.